keepalived/b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch

From b7a98f9265ffb5927c4d54c9a30726c76e65bb52 Mon Sep 17 00:00:00 2001
From: Quentin Armitage <quentin@armitage.org.uk>
Date: Sat, 10 Nov 2018 19:03:47 +0000
Subject: [PATCH] Update to support libipset version 7

Issue #1058 reported that keepalived failed to build with libipset
version 7. This commit updates keepalived to detect if the version
of the keepalived libraries is pre v7 or not, and compiles
appropriately.

Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
---
 configure.ac                    | 21 ++++++++++++
 keepalived/include/vrrp_ipset.h |  2 +-
 keepalived/vrrp/vrrp_ipset.c    | 58 ++++++++++++++++++++++++++++++---
 keepalived/vrrp/vrrp_iptables.c |  2 +-
 4 files changed, 76 insertions(+), 7 deletions(-)

diff --git a/configure.ac b/configure.ac
index ecec32a2..708b04fe 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1212,6 +1212,27 @@ if test .${enable_libiptc} != .no -a .$enable_vrrp != .no; then
 		 [AC_DEFINE([LIBIPSET_H_ADD_IP_SET_H_GUARD], [1], [Define to add guard _IP_SET_H before including <libipset/linux_ip_set.h>])])
 	      ])
 	  fi
+
+	  if test $USE_LIBIPSET = Yes; then
+	    AC_MSG_CHECKING([for libipset version 7 or later])
+	    AC_COMPILE_IFELSE([AC_LANG_SOURCE(
+	      [[
+	        #include <libipset/session.h>
+
+		void test_func(void)
+		{
+		  ipset_session_init(NULL, NULL);
+		}
+	      ]])],
+	      [
+	        AC_MSG_RESULT([yes])
+	      ],
+	      [
+	        AC_MSG_RESULT([no])
+	        AC_DEFINE([LIBIPSET_PRE_V7_COMPAT], [ 1 ], [Define to 1 if libipset library version prior to v7])
+	        add_system_opt[LIBIPSET_PRE_V7]
+	      ])
+	  fi
 	])
       LIBS="$SAV_LIBS"
     fi
diff --git a/keepalived/include/vrrp_ipset.h b/keepalived/include/vrrp_ipset.h
index 5a1a9562..5d83b21a 100644
--- a/keepalived/include/vrrp_ipset.h
+++ b/keepalived/include/vrrp_ipset.h
@@ -29,7 +29,7 @@
 bool add_ipsets(bool);
 bool remove_ipsets(void);
 bool has_ipset_setname(void*, const char *);
-bool ipset_init(void);
+bool ipset_initialise(void);
 void* ipset_session_start(void);
 void ipset_session_end(void*);
 void ipset_entry(void*, int cmd, const ip_address_t*);
diff --git a/keepalived/vrrp/vrrp_ipset.c b/keepalived/vrrp/vrrp_ipset.c
index 4b3ab7cd..dbe248eb 100644
--- a/keepalived/vrrp/vrrp_ipset.c
+++ b/keepalived/vrrp/vrrp_ipset.c
@@ -43,6 +43,9 @@
 #endif
 #include <libipset/session.h>
 #include <libipset/types.h>
+#ifndef LIBIPSET_PRE_V7_COMPAT
+#include <libipset/ipset.h>
+#endif
 #include <netinet/in.h>
 #include <linux/types.h>	/* For __beXX types in userland */
 #include <linux/netfilter.h>	/* For nf_inet_addr */
@@ -60,11 +63,18 @@
 #include <dlfcn.h>
 
 /* The addresses of the functions we want */
+#ifdef LIBIPSET_PRE_V7_COMPAT
 struct ipset_session* (*ipset_session_init_addr)(ipset_outfn outfn);
+#else
+struct ipset_session* (*ipset_session_init_addr)(ipset_print_outfn outfn, void *p);
+#endif
 int (*ipset_session_fini_addr)(struct ipset_session *session);
 struct ipset_data* (*ipset_session_data_addr)(const struct ipset_session *session);
-const char* (*ipset_session_error_addr)(const struct ipset_session *session);
+#ifdef LIBIPSET_PRE_V7_COMPAT
 int (*ipset_envopt_parse_addr)(struct ipset_session *session, int env, const char *str);
+#else
+void (*ipset_envopt_set_addr)(struct ipset_session *session, int env);
+#endif
 const struct ipset_type* (*ipset_type_get_addr)(struct ipset_session *session, enum ipset_cmd cmd);
 int (*ipset_data_set_addr)(struct ipset_data *data, enum ipset_opt opt, const void *value);
 int (*ipset_cmd_addr)(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno);
@@ -74,8 +84,11 @@ void (*ipset_load_types_addr)(void);
 #define ipset_session_init (*ipset_session_init_addr)
 #define ipset_session_fini (*ipset_session_fini_addr)
 #define ipset_session_data (*ipset_session_data_addr)
-#define ipset_session_error (*ipset_session_error_addr)
+#ifdef LIBIPSET_PRE_V7_COMPAT
 #define ipset_envopt_parse (*ipset_envopt_parse_addr)
+#else
+#define ipset_envopt_set (*ipset_envopt_set_addr)
+#endif
 #define ipset_type_get (*ipset_type_get_addr)
 #define ipset_data_set (*ipset_data_set_addr)
 /* Unfortunately ipset_cmd conflicts with struct ipset_cmd */
@@ -87,6 +100,22 @@ static void* libipset_handle;
 #define ipset_cmd1 ipset_cmd
 #endif
 
+#ifndef LIBIPSET_PRE_V7_COMPAT
+static int
+ipset_printf(__attribute ((__unused__)) struct ipset_session *session, void *p, const char *fmt, ...)
+{
+	va_list args;
+
+	log_message(LOG_INFO, "libipset message from %s", (const char *)p);
+
+	va_start(args, fmt);
+	vlog_message(LOG_INFO, fmt, args);
+	va_end(args);
+
+	return 0;
+}
+#endif
+
 static bool
 do_ipset_cmd(struct ipset_session* session, enum ipset_cmd cmd, const char *setname,
 		const ip_address_t *addr, uint32_t timeout, const char* iface)
@@ -162,7 +191,11 @@ static bool create_sets(const char* addr4, const char* addr6, const char* addr_i
 {
 	struct ipset_session *session;
 
+#ifdef LIBIPSET_PRE_V7_COMPAT
 	session = ipset_session_init(printf);
+#else
+	session = ipset_session_init(ipset_printf, "create_sets");
+#endif
 	if (!session) {
 		log_message(LOG_INFO, "Cannot initialize ipset session.");
 		return false;
@@ -171,7 +204,11 @@ static bool create_sets(const char* addr4, const char* addr6, const char* addr_i
 	/* If we aren't reloading, don't worry if sets already exists. With the
 	 * IPSET_ENV_EXIST option set, any existing entries in the set are removed. */
 	if (!reload)
+#ifdef LIBIPSET_PRE_V7_COMPAT
 		ipset_envopt_parse(session, IPSET_ENV_EXIST, NULL);
+#else
+		ipset_envopt_set(session, IPSET_ENV_EXIST);
+#endif
 
 	if (block_ipv4) {
 		if (!reload || !has_ipset_setname(session, addr4))
@@ -220,7 +257,7 @@ bool set_match_loaded(void)
 	return found;
 }
 
-bool ipset_init(void)
+bool ipset_initialise(void)
 {
 #ifdef _LIBIPSET_DYNAMIC_
 	if (libipset_handle)
@@ -252,8 +289,11 @@ bool ipset_init(void)
 	if (!(ipset_session_init_addr = dlsym(libipset_handle, "ipset_session_init")) ||
 	    !(ipset_session_fini_addr = dlsym(libipset_handle, "ipset_session_fini")) ||
 	    !(ipset_session_data_addr = dlsym(libipset_handle,"ipset_session_data")) ||
-	    !(ipset_session_error_addr = dlsym(libipset_handle,"ipset_session_error")) ||
+#ifdef LIBIPSET_PRE_V7_COMPAT
 	    !(ipset_envopt_parse_addr = dlsym(libipset_handle,"ipset_envopt_parse")) ||
+#else
+	    !(ipset_envopt_set_addr = dlsym(libipset_handle,"ipset_envopt_set")) ||
+#endif
 	    !(ipset_type_get_addr = dlsym(libipset_handle,"ipset_type_get")) ||
 	    !(ipset_data_set_addr = dlsym(libipset_handle,"ipset_data_set")) ||
 	    !(ipset_cmd_addr = dlsym(libipset_handle,"ipset_cmd")) ||
@@ -285,7 +325,11 @@ bool remove_ipsets(void)
 		return true;
 #endif
 
+#ifdef LIBIPSET_PRE_V7_COMPAT
 	session = ipset_session_init(printf);
+#else
+	session = ipset_session_init(ipset_printf, "remove_ipsets");
+#endif
 	if (!session) {
 		log_message(LOG_INFO, "Cannot initialize ipset session.");
 		return false;
@@ -311,7 +355,11 @@ bool add_ipsets(bool reload)
 
 void* ipset_session_start(void)
 {
-	return ipset_session_init(NULL);
+#ifdef LIBIPSET_PRE_V7_COMPAT
+	return ipset_session_init(printf);
+#else
+	return ipset_session_init(ipset_printf, "session_start");
+#endif
 }
 
 void ipset_session_end(void* vsession)
diff --git a/keepalived/vrrp/vrrp_iptables.c b/keepalived/vrrp/vrrp_iptables.c
index 874b0d0b..9b05ca66 100644
--- a/keepalived/vrrp/vrrp_iptables.c
+++ b/keepalived/vrrp/vrrp_iptables.c
@@ -468,7 +468,7 @@ iptables_init_lib(void)
 #endif
 
 #ifdef _HAVE_LIBIPSET_
-	if (global_data->using_ipsets && !ipset_init())
+	if (global_data->using_ipsets && !ipset_initialise())
 		global_data->using_ipsets = false;
 #endif